linux/security/integrity/integrity_audit.c
<<
>>
Prefs 
   1/*
   2 * Copyright (C) 2008 IBM Corporation
   3 * Author: Mimi Zohar <zohar@us.ibm.com>
   4 *
   5 * This program is free software; you can redistribute it and/or modify
   6 * it under the terms of the GNU General Public License as published by
   7 * the Free Software Foundation, version 2 of the License.
   8 *
   9 * File: integrity_audit.c
  10 *      Audit calls for the integrity subsystem
  11 */
  12
  13#include <linux/fs.h>
  14#include <linux/gfp.h>
  15#include <linux/audit.h>
  16#include "integrity.h"
  17
  18static int integrity_audit_info;
  19
  20/* ima_audit_setup - enable informational auditing messages */
  21static int __init integrity_audit_setup(char *str)
  22{
  23        unsigned long audit;
  24
  25        if (!strict_strtoul(str, 0, &audit))
  26                integrity_audit_info = audit ? 1 : 0;
  27        return 1;
  28}
  29__setup("integrity_audit=", integrity_audit_setup);
  30
  31void integrity_audit_msg(int audit_msgno, struct inode *inode,
  32                         const unsigned char *fname, const char *op,
  33                         const char *cause, int result, int audit_info)
  34{
  35        struct audit_buffer *ab;
  36
  37        if (!integrity_audit_info && audit_info == 1)   /* Skip info messages */
  38                return;
  39
  40        ab = audit_log_start(current->audit_context, GFP_KERNEL, audit_msgno);
  41        audit_log_format(ab, "pid=%d uid=%u auid=%u ses=%u",
  42                         current->pid,
  43                         from_kuid(&init_user_ns, current_cred()->uid),
  44                         from_kuid(&init_user_ns, audit_get_loginuid(current)),
  45                         audit_get_sessionid(current));
  46        audit_log_task_context(ab);
  47        audit_log_format(ab, " op=");
  48        audit_log_string(ab, op);
  49        audit_log_format(ab, " cause=");
  50        audit_log_string(ab, cause);
  51        audit_log_format(ab, " comm=");
  52        audit_log_untrustedstring(ab, current->comm);
  53        if (fname) {
  54                audit_log_format(ab, " name=");
  55                audit_log_untrustedstring(ab, fname);
  56        }
  57        if (inode) {
  58                audit_log_format(ab, " dev=");
  59                audit_log_untrustedstring(ab, inode->i_sb->s_id);
  60                audit_log_format(ab, " ino=%lu", inode->i_ino);
  61        }
  62        audit_log_format(ab, " res=%d", !result);
  63        audit_log_end(ab);
  64}
  65
Hosted by Missing Link Electronics. The original LXR software by the LXR community, this experimental version by lxr@linux.no.